Join this live interactive tournament which is sure to be a fun, challenging learning experience for all. Whether you are eager to prove your web application AppSec knowledge of the OWASP Top 10 and more... and watch as you climb to the top of the leaderboard or simply want to learn more about how to code more securely - everyone is welcome and there will be prizes / SWAG for the winner(s).

Participants are presented with any of three kinds of vulnerable code challenges - identify the problem, locate the insecure code, and fix the vulnerability. Gamification helps to make the exercise a fun, engaging and interactive experience. Participants can select from various software languages to complete the tournament, including:

In past tournaments, developers from varying levels of experience, skill levels and various job roles have competed, but all have a common interest in security and the future of security.

The aim of this event is to connect the OWASP Cambridge Chapter in a more open and engaging setting. Security experts will be on-hand to chat and help people during the event.

Guaranteed to be a fun and insightful evening!

Why should I take part?

Becoming the first ever OWASP Cambridge Secure Code Champion should be enough to whet the appetite. However, there will also be prizes, pizza and beer on hand. It is a great opportunity to test your skill levels and have fun on the Secure Code Warrior platform, connect with like-minded folks interested in secure coding and get industry insight from Peter Lawrey’s keynote speech - all free of charge.

Why is Secure Coding a big deal?

If you look at some of the most significant breaches over the last four years, Capgemini, Amazon, Yahoo and more locally the NHS, the common attack vector was vulnerable code. The striking reality is that these were not zero day vulnerabilities with no immediate remediation’s, these attacks targeted known vulnerabilities with known remediation.

As companies move to more agile development, more and more code releases occur daily, if not, on an hourly basis. It is paramount that developers writing the code become the first line of defense. But, for this to happen, developers must build their secure codingskillset. Once a developer builds those skills, they will start to write less vulnerabilities and reduce the possible attack surface of their organisation. From an agility and cost point of view, if less vulnerabilities are included from the start of the SDLC, the organization can save money and precious time - truly enabling agile performance.

Prizes:

1st Prize Raspberry Pi Kit, Hoodie & OWASP Swag (TBD)

2nd Prize Hoodie/T Shirt & OWASP Swag

Plus Other T-Shirts

Student 1st Prize

Free Entry to Cambridge Wireless’s “Inclusive Innovation Conference” 19th September at the Bradfield Centre, Cambridge Science Park (worth £75) and many other Prizes!!